2024-04-22_844bf57146b3bb9e8e540c731b96f254_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-22_844bf57146b3bb9e8e540c731b96f254_magniber
Size

6.7MB
MD5

844bf57146b3bb9e8e540c731b96f254
SHA1

ed9ef8641fcaf7d8782bd68cd03c56a44e16cf67
SHA256

444145a8c3eb6140aff8a22bac5c611d3f87540107b4d66bf5cf4103affa53d5
SHA512

adab228b07a1fa0a21c898b7115ffb180d7c5494ed4e5d32bce332638bc63a97efd4decb02b4b67e051de29442017fe5133a9e2978f8d10436d205e282ef9515
SSDEEP

98304:QjqJeod6Mc7seZytQgzhnVTPSno6FqDSCOM14gfixehHiY/nUc3Qm9:QjqJeodZ5tnzDTPSnoxOwfixEC9cg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-22_844bf57146b3bb9e8e540c731b96f254_magniber

Files

2024-04-22_844bf57146b3bb9e8e540c731b96f254_magniber
.exe windows:6 windows x86 arch:x86

8238fa3fe47f8b40ef17c037aeba8eef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\qmtf\wxPhotan\Release\Win32\quickmtf.pdb

Imports

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
RtlUnwind
InterlockedPushEntrySList
LoadLibraryExW
GetModuleHandleExW
ExitThread
LCMapStringEx
SetStdHandle
DeleteFileW
FlushFileBuffers
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
SetFilePointerEx
GetDriveTypeW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
GetTimeZoneInformation
QueryPerformanceFrequency
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
EnumSystemLocalesW
HeapAlloc
GetFileSizeEx
HeapReAlloc
SetEndOfFile
SetEnvironmentVariableW
GetOEMCP
GetCurrentDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FindFirstFileExW
GetCommandLineA
InitializeCriticalSectionEx
DecodePointer
EncodePointer
GlobalSize
GetProcessHeap
HeapSize
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
FreeConsole
GetStdHandle
GetCommandLineW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
SetLastError
IsBadStringPtrA
IsBadReadPtr
CreateThread
WaitForMultipleObjects
CreateEventW
SetEvent
PeekNamedPipe
ReadFile
GetSystemTimeAsFileTime
WriteFile
FindNextFileW
CopyFileW
GetFileType
SetCurrentDirectoryW
FreeLibrary
GetCurrentThread
RaiseException
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetACP
GetCPInfo
IsValidCodePage
GetComputerNameW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
TerminateProcess
GetEnvironmentVariableW
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
CreateFileW
FormatMessageW
LocalFree
TlsFree
TlsSetValue
GetVersionExW
TlsGetValue
TlsAlloc
ResumeThread
GetExitCodeThread
TerminateThread
SetThreadPriority
GetCurrentThreadId
ExitProcess
GetCurrentProcess
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
ExpandEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
SetErrorMode
LocalAlloc
GetLogicalDriveStringsW
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetStringTypeW
MulDiv
GetCurrentProcessId
OutputDebugStringW
Sleep
OpenMutexW
GetLastError
CreateMutexW
GetModuleFileNameW
GlobalMemoryStatusEx
GetProcAddress
LoadLibraryW
GetSystemInfo
FreeLibraryAndExitThread

user32

ValidateRect
UnionRect
ChangeDisplaySettingsW
EnumDisplaySettingsW
ValidateRgn
IsRectEmpty
RegisterClipboardFormatW
GetClipboardFormatNameW
GetClassInfoW
wsprintfW
IsClipboardFormatAvailable
ShowCursor
HideCaret
GetWindowTextLengthW
keybd_event
ChildWindowFromPoint
SetWindowRgn
GetDesktopWindow
SetForegroundWindow
EnableMenuItem
GetSystemMenu
DrawMenuBar
CreateDialogIndirectParamW
IsZoomed
BringWindowToTop
IsIconic
GetWindowPlacement
FlashWindow
CopyRect
SetRectEmpty
DrawFocusRect
DrawStateW
DrawTextW
DestroyIcon
CreateIconIndirect
DrawIconEx
OffsetRect
DrawFrameControl
GetDlgItem
CreateDialogParamW
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
IsDialogMessageW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
SetParent
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
InflateRect
FillRect
GetSysColor
ChildWindowFromPointEx
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
GetWindowRect
SetWindowTextW
EnableScrollBar
ScrollWindow
DestroyAcceleratorTable
InvalidateRect
GetUpdateRgn
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
IsWindowEnabled
EnableWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
VkKeyScanW
GetAsyncKeyState
GetKeyState
GetFocus
GetActiveWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
MoveWindow
ShowWindow
IsWindow
CallWindowProcW
PostQuitMessage
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
TranslateMessage
GetIconInfo
LoadImageW
LoadIconW
LoadBitmapW
GetSystemMetrics
DdeFreeStringHandle
DdeQueryStringW
DdeCreateStringHandleW
DdeGetLastError
CreateAcceleratorTableW
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeClientTransaction
DdeNameService
DdePostAdvise
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeW
KillTimer
SetTimer
MsgWaitForMultipleObjects
DispatchMessageW
GetMessageW
DestroyWindow
UnregisterClassW
DefWindowProcW
SendMessageW
PeekMessageW
LoadCursorW
EndPaint
BeginPaint
GetWindowDC
EnumChildWindows
EndDialog
CheckMenuRadioItem
SetRect
GetSysColorBrush
GetMenuItemID
CheckMenuItem
DrawEdge
TranslateAcceleratorW
SetMenuItemInfoW
InsertMenuItemW
ModifyMenuW
SetCursor
CreateWindowExW
RegisterClassW
PostMessageW
GetSubMenu
CreatePopupMenu
CreateMenu
GetMenuState
GetDoubleClickTime
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
AdjustWindowRectEx
RemoveMenu
AppendMenuW
InsertMenuW
DestroyMenu
GetMenuStringW
SetMenu
PostThreadMessageW
GetClassNameW
MessageBeep
GetWindowTextW
GetDialogBaseUnits
MessageBoxA
RedrawWindow
GetDC
ReleaseDC
MessageBoxW
GetClientRect
DestroyCursor
CreateCursor
FindWindowExW
MapWindowPoints

gdi32

PolyPolygon
Rectangle
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
SetMapMode
SetPixel
SetPolyFillMode
SetROP2
SetTextColor
ExtTextOutW
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateBitmap
GetOutlineTextMetricsW
CreatePen
ExtCreatePen
ExtCreateRegion
GetRegionData
OffsetRgn
Ellipse
CreateRectRgnIndirect
RectInRegion
CreateHatchBrush
CreatePatternBrush
EqualRgn
GetRgnBox
PtInRegion
MaskBlt
LineTo
MoveToEx
GetTextExtentPoint32W
CreateDIBitmap
CreatePalette
GetDIBits
CreateDIBSection
GetDIBColorTable
GetNearestPaletteIndex
GetPaletteEntries
GetCharABCWidthsW
GetTextExtentExPointW
CreateICW
SetAbortProc
CreateDCW
StartDocW
EndDoc
StartPage
EndPage
EnumFontFamiliesExW
CloseEnhMetaFile
CreateEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
PatBlt
GetStockObject
GetPixel
ExtFloodFill
GetBkColor
GetClipBox
GetDeviceCaps
Pie
DeleteDC
CreateSolidBrush
CreateFontIndirectW
GetSystemPaletteEntries
StretchBlt
StretchDIBits
SetStretchBltMode
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
Arc
GdiFlush
SetBrushOrgEx
GetTextMetricsW
GetObjectType
SelectPalette
SelectObject
RealizePalette
ExcludeClipRect
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
OleIsCurrentClipboard
OleInitialize
OleUninitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
ReleaseStgMedium
OleSetClipboard
OleGetClipboard
OleFlushClipboard

oleaut32

VarBstrFromCy
SysStringLen
SysFreeString

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

comdlg32

ChooseFontW
PageSetupDlgW
PrintDlgW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

advapi32

RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW
GetUserNameW
RegSetValueExW
RegQueryValueExW

shell32

DragAcceptFiles
DragFinish
DragQueryPoint
ShellExecuteExW
ExtractIconExW
ExtractIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetFileInfoW
DragQueryFileW
SHBrowseForFolderW

comctl32

ImageList_GetIconSize
ImageList_Remove
ImageList_Replace
ImageList_Draw
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Add
ImageList_GetIcon
ImageList_GetImageInfo
ord17
ord16
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount

rpcrt4

UuidToStringW
RpcStringFreeW

wsock32

connect
getsockname
getsockopt
listen
recv
recvfrom
accept
send
sendto
setsockopt
shutdown
socket
htonl
htons
ioctlsocket
ntohl
ntohs
gethostbyaddr
gethostbyname
getservbyname
WSAGetLastError
closesocket
WSAStartup
WSACleanup
__WSAFDIsSet
bind
select

vcomp140

_vcomp_set_num_threads
_vcomp_sections_next
_vcomp_sections_init
_vcomp_leave_critsect
_vcomp_fork
_vcomp_for_static_simple_init
_vcomp_for_static_end
_vcomp_flush
_vcomp_enter_critsect

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8238fa3fe47f8b40ef17c037aeba8eef

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

oleaut32

winspool.drv

comdlg32

advapi32

shell32

comctl32

rpcrt4

wsock32

vcomp140

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 112KB - Virtual size: 325KB

.rsrc Size: 125KB - Virtual size: 125KB

.reloc Size: 431KB - Virtual size: 430KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 112KB - Virtual size: 325KB

.rsrc
Size: 125KB - Virtual size: 125KB

.reloc
Size: 431KB - Virtual size: 430KB